Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/hZx6teAycyy986SjMCtwUrUuYe8.roa
File: hZx6teAycyy986SjMCtwUrUuYe8.roa (raw, json)
Hash identifier: QFGvkcX+Sqt1km9jap9R5/xzYg1V1rD7YRYBC3f3UMk=
Subject key identifier: 85:9C:7A:B5:E0:32:73:2C:BD:F3:A4:A3:30:2B:70:52:B5:2E:61:EF
Certificate issuer: /CN=e242c2b74d7575a228a7e64f0406f3a397c7ae56
Certificate serial: 0185E8FF7324760B37A3930DF917E3838D37
Authority key identifier: E2:42:C2:B7:4D:75:75:A2:28:A7:E6:4F:04:06:F3:A3:97:C7:AE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/hZx6teAycyy986SjMCtwUrUuYe8.roa
Signing time: Wed 25 Jan 2023 12:55:33 +0000
ROA not before: Wed 25 Jan 2023 12:55:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57871
IP address blocks: 176.110.133.0/24 maxlen: 24
176.110.136.0/23 maxlen: 23
176.110.134.0/23 maxlen: 23
176.110.138.0/23 maxlen: 23
176.110.140.0/23 maxlen: 23
176.110.142.0/23 maxlen: 23
176.110.130.0/24 maxlen: 24
176.110.129.0/24 maxlen: 24
176.110.132.0/24 maxlen: 24
176.110.128.0/24 maxlen: 24
176.110.131.0/24 maxlen: 24
176.110.128.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:ff:73:24:76:0b:37:a3:93:0d:f9:17:e3:83:8d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e242c2b74d7575a228a7e64f0406f3a397c7ae56
Validity
Not Before: Jan 25 12:55:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859c7ab5e032732cbdf3a4a3302b7052b52e61ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:2a:de:07:d6:6e:31:74:6e:03:61:7e:cf:
cf:a9:26:d7:77:d5:54:08:08:7a:3c:0d:9d:29:9c:
e9:aa:15:6d:4f:50:e3:49:a4:7c:f4:ca:70:eb:e6:
e1:ff:6a:60:eb:ae:56:c1:de:8c:d6:2f:1a:f0:0e:
62:67:7d:af:74:81:23:a5:de:14:bf:94:ec:7e:e3:
1b:c4:65:c3:73:51:2e:94:8d:c8:37:d7:62:27:bb:
ae:57:66:8d:f8:dc:fb:03:8e:9c:33:ae:5a:22:91:
a0:85:53:d8:ad:4c:b5:f7:37:44:d5:12:ec:ba:50:
e7:89:e1:b5:16:34:8a:7d:16:3c:b0:ec:1b:18:69:
93:ce:07:1e:95:7e:c4:99:6b:f1:dc:e3:1d:4f:ad:
8d:c8:7c:2a:06:43:57:7f:66:01:93:35:1d:11:28:
7a:bd:49:51:bf:ea:3b:22:57:50:2b:93:03:7c:8a:
41:ea:dd:22:9b:35:a4:05:22:ca:b6:f4:60:31:ae:
03:3c:45:55:35:d9:af:0d:48:61:e7:7b:8e:f8:77:
2a:b2:20:eb:f4:2a:3a:38:63:8a:23:30:3f:3b:62:
40:05:bb:cb:cd:36:7b:e3:71:96:11:25:b8:ad:18:
b6:87:08:13:0e:9d:e9:7a:e3:55:37:45:e5:99:89:
d4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9C:7A:B5:E0:32:73:2C:BD:F3:A4:A3:30:2B:70:52:B5:2E:61:EF
X509v3 Authority Key Identifier:
keyid:E2:42:C2:B7:4D:75:75:A2:28:A7:E6:4F:04:06:F3:A3:97:C7:AE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/hZx6teAycyy986SjMCtwUrUuYe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/4kLCt011daIop-ZPBAbzo5fHrlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b5:5d:a8:b9:52:6a:1d:e7:f6:f1:20:da:44:a2:1a:8b:d4:7a:
87:5a:18:5f:b4:74:f8:63:4a:df:fd:d5:fd:41:f5:71:3a:af:
a1:80:a8:28:b4:b1:cc:3f:2d:a2:84:ff:81:30:c7:bd:63:6c:
f9:bd:d8:01:81:fb:2b:4c:67:79:3d:24:f4:44:21:e8:8b:c0:
c3:30:1e:2e:63:db:c7:b0:78:b8:d7:29:e0:13:c4:99:0f:61:
cf:15:62:3e:62:d4:4d:d7:01:7b:de:b3:98:93:49:c4:49:59:
f2:73:22:fc:19:35:e6:56:0d:fa:c3:a2:94:07:6d:ae:2c:5d:
fa:f3:6f:e3:34:45:26:98:00:81:ec:62:fc:6f:d6:e0:b7:f8:
79:f4:24:b2:2e:c5:68:d5:2c:80:e6:31:34:11:89:b3:9c:0c:
ab:b7:29:47:7a:ba:35:af:ce:d6:a9:d3:d5:58:e4:e1:01:c1:
f5:15:41:1a:52:cc:cd:fc:e2:45:ef:88:56:ec:30:1a:b6:7c:
77:d1:38:58:67:9b:15:67:79:e7:ef:86:64:d8:9f:c8:ed:8b:
86:81:40:93:2a:75:da:73:ef:87:cd:9b:c3:63:44:7f:f1:3d:
c6:38:43:91:3e:a2:9d:2c:3c:2d:01:74:82:83:66:4b:22:74:
c6:f2:f2:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXo/3Mkdgs3o5MN+Rfjg403MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDJjMmI3NGQ3NTc1YTIyOGE3ZTY0ZjA0MDZmM2EzOTdj
N2FlNTYwHhcNMjMwMTI1MTI1NTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTljN2FiNWUwMzI3MzJjYmRmM2E0YTMzMDJiNzA1MmI1MmU2MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqIq3gfWbjF0bgNhfs/PqSbXd9VU
CAh6PA2dKZzpqhVtT1DjSaR89Mpw6+bh/2pg665Wwd6M1i8a8A5iZ32vdIEjpd4U
v5TsfuMbxGXDc1EulI3IN9diJ7uuV2aN+Nz7A46cM65aIpGghVPYrUy19zdE1RLs
ulDnieG1FjSKfRY8sOwbGGmTzgcelX7EmWvx3OMdT62NyHwqBkNXf2YBkzUdESh6
vUlRv+o7IldQK5MDfIpB6t0imzWkBSLKtvRgMa4DPEVVNdmvDUhh53uO+HcqsiDr
9Co6OGOKIzA/O2JABbvLzTZ743GWESW4rRi2hwgTDp3peuNVN0XlmYnUkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWcerXgMnMsvfOkozArcFK1LmHvMB8GA1UdIwQY
MBaAFOJCwrdNdXWiKKfmTwQG86OXx65WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtMQ3QwMTFkYUlvcC1aUEJBYnpvNWZIcmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83ZTMwMjUtOGNhZi00MDJjLWI1NGYt
Y2JiOGNmZWU2ZTNjLzEvaFp4NnRlQXljeXk5ODZTak1DdHdVclV1WWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83ZTMwMjUtOGNhZi00MDJjLWI1NGYtY2JiOGNmZWU2ZTNj
LzEvNGtMQ3QwMTFkYUlvcC1aUEJBYnpvNWZIcmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsG6AMA0G
CSqGSIb3DQEBCwUAA4IBAQC1Xai5Umod5/bxINpEohqL1HqHWhhftHT4Y0rf/dX9
QfVxOq+hgKgotLHMPy2ihP+BMMe9Y2z5vdgBgfsrTGd5PST0RCHoi8DDMB4uY9vH
sHi41yngE8SZD2HPFWI+YtRN1wF73rOYk0nESVnycyL8GTXmVg36w6KUB22uLF36
82/jNEUmmACB7GL8b9bgt/h59CSyLsVo1SyA5jE0EYmznAyrtylHero1r87WqdPV
WOThAcH1FUEaUszN/OJF74hW7DAatnx30ThYZ5sVZ3nn74Zk2J/I7YuGgUCTKnXa
c++HzZvDY0R/8T3GOEORPqKdLDwtAXSCg2ZLInTG8vIa
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:24 2025 by rpki-client